metaplex
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns detected across the provided files. The code demonstrates legitimate use of Metaplex Foundation libraries for NFT operations.
- [CREDENTIALS_UNSAFE] (LOW): The setupUmi function in create-nft.ts allows for wallet initialization using a secretKey. While standard for programmatic access in SDK examples, it is a reminder for developers to manage private keys securely (e.g., via environment variables or secret managers).
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references and provides installation instructions for numerous official @metaplex-foundation packages on NPM. These are trusted sources within the Solana ecosystem.
- [COMMAND_EXECUTION] (SAFE): Uses the fs module to read local image files in uploadAndCreateNft. This is consistent with the skill's purpose of uploading assets for NFT creation.
Audit Metadata